A revised version of the NSF Proposal & Award Policies & Procedures Guide (PAPPG) (NSF 16-1), is
effective for proposals submitted, or due, on or after January 25, 2016. Please be advised that, depending
on the specified due date, the guidelines contained in NSF 16-1 may apply to proposals submitted in response to this
funding opportunity.

DUE DATES

Full Proposal Window

December 1, 2016
-
December 15, 2016

December 1 - December 15, Annually Thereafter

CYBERSECURITY EDUCATION Projects

October 12, 2017
-
October 19, 2017

October 12 - October 19, Annually Thereafter

LARGE Projects

October 12, 2017
-
October 19, 2017

October 12 - October 19, Annually Thereafter

MEDIUM Projects

November 2, 2017
-
November 16, 2017

November 2 - November 16, Annually Thereafter

SMALL Projects

December 1, 2017
-
December 15, 2017

December 1 - December 15, Annually Thereafter

CYBERSECURITY EDUCATION Projects

SYNOPSIS

In today’s increasingly networked, distributed, and asynchronous world, cybersecurity involves hardware, software, networks, data, people, and integration with the physical world. Society’s overwhelming reliance on this complex cyberspace has, however, exposed its fragility and vulnerabilities: corporations, agencies, national infrastructure and individuals have been victims of cyber-attacks. Achieving a truly secure cyberspace requires addressing both challenging scientific and engineering problems involving many components of a system, and vulnerabilities that arise from human behaviors and choices. Examining the fundamentals of security and privacy as a multidisciplinary subject can lead to fundamentally new ways to design, build and operate cyber systems, protect existing infrastructure, and motivate and educate individuals about cybersecurity.

The goals of the Secure and Trustworthy Cyberspace (SaTC) program are aligned with the Federal Cybersecurity Research and Development Strategic Plan (RDSP) and the National Privacy Research Strategy (NPRS) to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy. The RDSP identified six areas critical to successful cybersecurity R&D: (1) scientific foundations; (2) risk management; (3) human aspects; (4) transitioning successful research into practice; (5) workforce development; and (6) enhancing the research infrastructure. The NPRS, which complements the RDSP, identifies a framework for privacy research, anchored in characterizing privacy expectations, understanding privacy violations, engineering privacy-protecting systems, and recovering from privacy violations. In alignment with the objectives in both strategic plans, the SaTC program takes an interdisciplinary, comprehensive and holistic approach to cybersecurity research, development, and education, and encourages the transition of promising research ideas into practice.

The SaTC program welcomes proposals that address cybersecurity and privacy, and draw on expertise in one or more of these areas: computing, communication and information sciences; engineering; economics; education; mathematics; statistics; and social and behavioral sciences. Proposals that advance the field of cybersecurity and privacy within a single discipline or interdisciplinary efforts that span multiple disciplines are both encouraged.

Proposals may be submitted in one of the following three project size classes:

Small projects: up to $500,000 in total budget, with durations of up to three years;

Medium projects: $500,001 to $1,200,000 in total budget, with durations of up to four years;

Large projects: $1,200,001 to $3,000,000 in total budget, with durations of up to five years.

In addition to the project size classes, proposals must be submitted pursuant to one of the following designations, each of which may have additional restrictions and administrative obligations as specified in this program solicitation.

CORE: The main focus of the SaTC research program, spanning the interests of NSF's Directorates for Computer and Information Science and Engineering (CISE), Engineering (ENG), Mathematical and Physical Sciences (MPS), and Social, Behavioral and Economic Sciences (SBE). Interdisciplinary proposals are welcomed to CORE.

EDU: The Education (EDU) designation will be used to label proposals focusing entirely on cybersecurity education. Note that proposals that are designated as EDU have budgets limited to $300,000 and durations of up to two years.

STARSS: The Secure, Trustworthy, Assured and Resilient Semiconductors and Systems (STARSS) designation will be used to label proposals that are submitted to the joint program focused on hardware security with the Semiconductor Research Corporation (SRC). The STARSS designation may only be used for Small proposals. This designation has additional administrative obligations.

TTP: The Transition to Practice (TTP) designation will be used to label proposals that are focused exclusively on transitioning existing research results to practice. The TTP designation may only be used for Small and Medium proposals.